Monday, 22 August 2011

Another cc-grabbers web based

Found on the same server of 'bender edition'
It's another cc-grabbers but you can call this one 'crappy edition'

The php code of the main page was obfuscated

Replace eval($ev); by echo($ev); and you get the clean version.
thanks tishrom :)

There is only this page:

index.php who is the update page, after looking at the source code, you must call it like this:
index.php?pkey=PASSWORD&action=set&login=&balance=&account_type=&holder_name=&last_login=&account_status=&ccs=&banks=

It will insert datas into a html file at "data/log.html"
and will use jabber/icq for notify.
(jabber by calling lib/class.jabber.php)

screenshot of the 'log.html' found on the server:

There is no options for manage credit cards and stuff.
And like the previous panel, this coder has never heard of XSS attacks.
All variables are vulnerable except 'action' & 'pkey'